The University of Texas at Austin Relies on Splunk for Security Intelligence

By automating identification and response to malware threats, Splunk helps UT Austin more effectively control outbreaks and reduce or eliminate escalations

SAN FRANCISCO - July 24, 2012 - Splunk Inc. (NASDAQ: SPLK), the leading provider of software for real-time operational intelligence, today announced that the University of Texas at Austin is using Splunk Enterprise to improve network security across its campus. Splunk software enables the University's Information Security Office (ISO) to take a proactive approach to security, using Splunk to identify unknown threats and network anomalies and allowing the ISO team to alert the impacted departments and schools faster than ever before.

UT Austin depends heavily on its wired and wireless networks to enhance the educational experience and quality of life for its 50,000 students and 24,000 faculty and staff. Up to 120,000 individual devices—servers, switches, wireless access points, desktops, laptops, tablets, smart phones, security cameras, and other systems—may be connected to the network at any given time, and the university's eight-person Information Security Office (ISO) team is responsible for ensuring network security for the entire campus.

"Splunk provides a simple, visual view into our data that enables us to see emerging patterns, compare results, isolate commonalities and take action that prevents escalations and outages," said Cam Beasley, chief information security officer, Information Security Office, University of Texas at Austin. "We use Splunk software daily and it's critical to our operations. It makes us better equipped to detect new anomalies and respond to them quickly. Without it, we would be far less effective—I'm sure of that."

Prior to using Splunk, the ISO analysts used intrusion detection/prevention system (IDS/IPS) appliances and custom-developed software tools to monitor network activity. With Splunk, the ISO team is able to investigate security threats and incidents faster and more accurately across the university's distributed network.

The Flashback Trojan provides an example of how the ISO team uses Splunk to identify and control suspicious events before they escalate into outages or breaches. When the Flashback Trojan began infecting Apple's OS X operating system in April 2012, the UT Austin ISO team used its own custom Splunk application for event correlation and anomaly detection to combat the threat and rapidly contain the event.

"The digital world is an increasingly dangerous place, with the growth in the frequency and sophistication of threats far outpacing traditional security technologies," said Mark Seward, director of security and compliance marketing, Splunk. "In this asymmetrical arms race, statistical analysis and pattern monitoring are a future-proof solution approach for addressing unknown threats. The University of Texas at Austin has taken matters into its own hands, arming its ISO team with Splunk's powerful big data analytics capabilities to quickly identify and address threats they didn't even know existed."

The ISO team estimates it saves hundreds of hours per year in security analyst time by automating workflows and providing faster insight into events and anomalies using Splunk. This frees analysts for more productive, higher value work. For more on how the University of Texas at Austin benefits from Splunk Software, read the case study on the Splunk website.

About Splunk

Splunk® Inc. (NASDAQ: SPLK) provides the engine for machine data™. Splunk software collects, indexes and harnesses the massive machine data continuously generated by the websites, applications, servers, networks and mobile devices that power business. Splunk software enables organizations to monitor, search, analyze, visualize and act on massive streams of real-time and historical machine data. More than 4,000 enterprises, universities, government agencies and service providers in over 80 countries use Splunk Enterprise to gain operational intelligence that deepens business understanding, improves service and uptime, reduces cost and mitigates cyber-security risk. To learn more, please visit www.splunk.com/company.

FOLLOW US:

FOLLOW US:

Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.